Intelligent agents defending for an IoT world: A review

The transition to the Internet of Things (IoT) is progressing without realization. In light of this, securing traditional systems remains a challenging task, requiring a mixture of solutions that may negatively impact, or simply not scale to, a desired operational level. Rule- and signature-based intruder detection remains prominent in commercial deployments, while the use of machine learning for anomaly detection has been an active research area. Behavior detection methods have also benefited from the widespread use of mobile and wireless applications. For smart defense systems, we propose widening our perspective beyond security to the domains of artificial intelligence and the IoT, to better understand the challenges that lie ahead in the hope of achieving autonomous defense. We investigate how intruder detection fits within these domains, particularly as intelligent agents: how current approaches to intruder detection fulfill their role as intelligent agents, and what autonomous action requires regarding compromised nodes that are intelligent, distributed and data driven. The requirements of detection agents within IoT security cover vulnerabilities, challenges and their applicable methodologies. To answer these questions, a survey of recent research is presented, with the aim of avoiding refitting old solutions into new roles. This survey is aimed at security researchers or academics, IoT developers and information officers concerned with the covered areas. The contributions of this review are: a review of the literature on traditional and distributed approaches to intruder detection, modeled as intelligent agents from an IoT perspective; a common reference of key terms across the fields of intruder detection, artificial intelligence and the IoT; identification of key defense cycle requirements for defensive agents and of relevant manufacturing and security challenges; and considerations for future development.
As the turn of the decade draws nearer, we anticipate 2020 as the turning point where deployments become common, no longer merely a topic of conversation, and where the need for collective, intelligent detection agents working across all layers of the IoT becomes a reality.
